Nortel Networks 42C4911 User Manual

TM

Alteon OS

Application Guide

Nortel 10Gb Ethernet Switch Module for IBM BladeCenter®
Version 1.0

Part Number: 42C4911, January 2007

2350 Mission College Blvd.

Santa Clara, CA 95054

www.bladenetwork.net

Suite 600

Alteon OS Application Guide

Copyright © 2007 Blade Network T echnologies, Inc., 2350 Mission College Blvd., Suite 600, Santa Clara,
California, 95054, USA. All rights reserved. Part Number: 42C4911.

This document is protected by copyright and distributed under licenses restricting its use, copying,
distribution, and decompilation. No part of this document may be reproduced in any form by any means
without prior written authorization of Blade Network T echnologies, Inc. Documentation is provided “as
is” without warranty of any kind, either express or implied, including any kind of implied or express
warranty of non-infringement or the implied warranties of merchantability or fitness for a particular
purpose.

U.S. Government End Users: This document is provided with a “commercial item” as defined by F AR

2.101 (Oct. 1995) and contains “commercial technical data” and “commercial software documentation” as
those terms are used in F AR 12.211-12.212 (Oct. 1995). Govern ment End Users are authorized to use this
documentation only in accordance with those rights and restrictions set forth herein, consistent with F AR

12.211- 12.212 (Oct. 1995), DF ARS 227.7202 ( JUN 1995) and DF ARS 252.227-7015 (Nov . 1995).
Blade Network Techn ologies, Inc. reserves the right to change any products described herein at any time,

and without notice. Blade Network T echnologies, Inc. assumes no responsibility or liability arisin g from
the use of products described herein, except as expressly agreed to in writing by Blade Network
Technologies, Inc. The use and purchase of this produc t does not convey a license under any patent rights,
trademark rights, or any other intellectual property rights of Blade Network T echnologies, Inc.

Originated in the USA.
Alteon OS, and Alteon are trademarks of Nortel Networks, Inc. in the United States and certain other

countries. Cisco

®

and EtherChannel® are registered trademarks of Cisco Syst ems, Inc. in the United S tates
and certain other countries. Any other trademarks appearing in this manual are owned by their respective
companies.

2 42C4911, January 2007

Contents

Preface 15

Who Should Use This Guide 15
What You’ll Find in This Guide 16
Typographic Conventions 18
How to Get Help 19

Part 1: Basic Switching 21

Chapter 1: Accessing the Switch 23

Management module setup 24

Factory-Default vs. MM assigned IP Addresses 24
Default Gateway 25
Configuring management module for switch access 25

External management port setup 28

Configuring the external management interface 28

Using Telnet 29

Connect to the Switch via SSH 29
BOOTP Relay Agent 29
DHCP Relay Agent 31

Using the Browser-Based Interface 33

Configuring BBI Access via HTTP 33
Configuring BBI Access via HTTPS 33

Using SNMP 36

SNMP v1.0 36
SNMP v3.0 36
Configuring SNMP Trap Hosts 39

Securing Access to the Switch 43

RADIUS Authentication and Authorization 44
TACACS+ Authentication 48

42C4911, January 2007 3

Alteon OS Application Guide

LDAP Authentication and Authorization 53
Secure Shell and Secure Copy 55
End User Access Control 61

Chapter 2: Port-based Network Access Control 67

Extensible Authentication Protocol over LAN 68

802.1x Authentication Process 69

802.1x Port States 71
Supported RADIUS Attributes 72
Configuration Guidelines 73

Chapter 3: VLANs 75

Overview 76
VLANs and Port VLAN ID Numbers 77

VLAN Numbers 77

PVID Numbers 77
VLAN Tagging 80
VLAN Topologies and Design Considerations 84

VLAN configuration rules 84

Example 1: Multiple VLANs with Tagging Adapters 85
Protocol-based VLANs 87

Port-based vs. Protocol-based VLANs 88

PVLAN Priority Levels 88

PVLAN Tagging 88

PVLAN Configuration Guidelines 89

Configuring PVLAN 89

Chapter 4: Ports and Trunking 93

Overview 94

Statistical Load Distribution 95

Built-In Fault Tolerance 95

Before you configure static trunks 95

Trunk group configuration rules 96
Port Trunking Example 97
Configurable Trunk Hash Algorithm 100
Link Aggregation Control Protocol 101

Configuring LACP 103

4 42C4911, January 2007

Alteon OS Application Guide

Chapter 5: Spanning Tree Group 105

Overview 106
Bridge Protocol Data Units (BPDUs) 107

Determining the Path for Forwarding BPDUs 107

Spanning Tree Group configuration guidelines 108
Multiple Spanning Trees 110

Default Spanning Tree configuration 110
Why Do We Need Multiple Spanning Trees? 111
Switch-Centric Spanning Tree Group 111
VLAN Participation in Spanning Tree Groups 112
Configuring Multiple Spanning Tree Groups 113

Port Fast Forwarding 115

Configuring Port Fast Forwarding 115

Fast Uplink Convergence 116

Configuration Guidelines 116
Configuring Fast Uplink Convergence 116

Chapter 6: Rapid Spanning Tree Protocol/Multiple Spanning Tree
Protocol 117

Rapid Spanning Tree Protocol 118

Port State Changes 118
Port Type and Link Type 119
RSTP Configuration Guidelines 119
RSTP Configuration Example 120

Multiple Spanning Tree Protocol 121

MSTP Region 121
Common Internal Spanning Tree 121
MSTP Configuration Guidelines 122
MSTP Configuration Example 122

Chapter 7: Quality of Service 123

Overview 124
Using ACL Filters 126

Summary of packet classifiers 126
Summary of ACL Actions 128
Understanding ACL Precedence 128
Using ACL Groups 129
ACL Metering and Re-marking 130

542C4911, January 2007

Alteon OS Application Guide

Viewing ACL Statistics 131

ACL Configuration Examples 132
Using DSCP Values to Provide QoS 134

Differentiated Services Concepts 134
Using 802.1p Priorities to Provide QoS 139

802.1p Configuration Example 140

Queuing and Scheduling 140

Part 2: IP Routing 141

Chapter 8: Basic IP Routing 143

IP Routing Benefits 144
Routing Between IP Subnets 145
Example of Subnet Routing 148
Dynamic Host Configuration Protocol 152

DHCP Relay Agent 153

DHCP Relay Agent Configuration 154

Chapter 9: Routing Information Protocol 155

Distance Vector Protocol 155

Stability 155

Routing Updates 156

RIPv1 156

RIPv2 156

RIPv2 in RIPv1 compatibility mode 157

RIP Features 157

RIP Configuration Example 158

Chapter 10: IGMP 161

IGMP Snooping 162

IGMP Snooping Configuration Example 163

Static Multicast Router 164
IGMP Relay 165

Configuration Guidelines 165

Configure IGMP Relay 166
Additional IGMP Features 168

FastLeave 168

IGMP Filtering 168

6 42C4911, January 2007

Chapter 11: Border Gateway Protocol 171

Internal Routing Versus External Routing 172
Forming BGP Peer Routers 173
What is a Route Map? 174

Incoming and Outgoing Route Maps 175
Precedence 176
Configuration Overview 176

Aggregating Routes 178
Redistributing Routes 179
BGP Attributes 180

Local Preference Attribute 180
Metric (Multi-Exit Discriminator) Attribute 180

Selecting Route Paths in BGP 181
BGP Failover Configuration 182
Default Redistribution and Route Aggregation Example 185

Chapter 12: OSPF 187

OSPF Overview 188

Types of OSPF Areas 188
Types of OSPF Routing Devices 190
Neighbors and Adjacencies 191
The Link-State Database 191
The Shortest Path First Tree 192
Internal Versus External Routing 192

OSPF Implementation in Alteon OS 193

Configurable Parameters 193
Defining Areas 194
Interface Cost 196
Electing the Designated Router and Backup 196
Summarizing Routes 196
Default Routes 197
Virtual Links 198
Router ID 199
Authentication 199
Host Routes for Load Balancing 202
OSPF Features Not Supported in This Release 203

Alteon OS Application Guide

742C4911, January 2007

Alteon OS Application Guide

OSPF Configuration Examples 204

Example 1: Simple OSPF Domain 205

Example 2: Virtual Links 207

Example 3: Summarizing Routes 211

Verifying OSPF Configuration 213

Part 3: High Availability
Fundamentals 215

Chapter 13: High Availability 217

Layer 2 Failover 218

VLAN Monitor 218

Setting the Failover Limit 219

L2 Failover with Other Features 219

Configuration Guidelines 220

L2 Failover Configurations 220

Configuring Trunk Failover 223
VRRP Overview 224

VRRP Components 224

VRRP Operation 226

Selecting the Master VRRP Router 226
Failover Methods 227

Active-Active Redundancy 228

Hot-Standby Redundancy 229
Alteon OS extensions to VRRP 230

Tracking VRRP Router Priority 230
Virtual Router Deployment Considerations 231

Assigning VRRP Virtual Router ID 231

Configuring the Switch for Tracking 231
High Availability Configurations 233

Active-Active Configuration 233

Hot-Standby Configuration 238

8 42C4911, January 2007

Part 4: Appendices 243

Appendix A: Troubleshooting 245

Monitoring Ports 246

Port Mirroring behavior 247
Configuring Port Mirroring 251

Appendix B: RADIUS Server Configuration Notes 253

Glossary 255

Index 257

Alteon OS Application Guide

942C4911, January 2007

Alteon OS Application Guide

10 42C4911, January 2007

Figures

Figure 1-1:Switch management on the BladeCenter management module 26
Figure 1-2:BOOTP Relay Agent Configuration 30
Figure 1-3:DHCP Relay Agent Configuration 31
Figure 2-1:Authenticating a Port Using EAPoL 69
Figure 3-1:Default VLAN settings 81
Figure 3-2:Port-based VLAN assignment 82
Figure 3-3:802.1Q tagging (after port-based VLAN assignment) 82
Figure 3-4:802.1Q tag assignment 83
Figure 3-5:802.1Q tagging (after 802.1Q tag assignment) 83
Figure 3-6:Example 1: Multiple VLANs with VLAN-Tagged Gigabit Adapters 85
Figure 4-1:Port Trunk Group 94
Figure 4-2:Port Trunk Group Configuration Example 97
Figure 5-1:Using Multiple Instances of Spanning Tree Group 111
Figure 5-2:Implementing Multiple Spanning Tree Groups 112
Figure 7-1:QoS Model 124
Figure 7-2:Layer 3 IPv4 packet 134
Figure 7-3:Layer 2 802.1q/802.1p VLAN tagged packet 139
Figure 8-1:The Router Legacy Network 145
Figure 8-2:Switch-Based Routing Topology 146
Figure 8-3:DHCP Relay Agent Configuration 154
Figure 11-1:iBGP and eBGP 172
Figure 11-2:Distributing Network Filters in Access Lists and Route Maps 175
Figure 11-3:BGP Failover Configuration Example 182
Figure 11-4:Route Aggregation and Default Route Redistribution 185
Figure 12-1:OSPF Area Types 189
Figure 12-2:OSPF Domain and an Autonomous System 190
Figure 12-3:Injecting Default Routes 197
Figure 12-4:OSPF Authentication 200
Figure 12-5:A Simple OSPF Domain 205
Figure 12-6:Configuring a Virtual Link 207
Figure 12-7:Summarizing Routes 211
Figure 13-1:Basic Layer 2 Failover 220
Figure 13-2:Two trunks, each in a different Failover Trigger 221

42C4911, January 2007 11

Alteon OS Application Guide

Figure 13-3:Two trunks, one Failover Trigger 222
Figure 13-4:A Non-VRRP, Hot-Standby Configuration 227
Figure 13-5:Active-Active Redundancy 228
Figure 13-6:Hot-Standby Redundancy 229
Figure 13-7:Active-Active High-Availability Configuration 233
Figure 13-8:Hot-Standby Configuration 239

12 42C4911, January 2007

Tables

Table 1-1: GbESM IP addresses, based on switch-module bay numbers 24
Table 1-2: User Access Levels 47
Table 1-3: Alteon OS-proprietary Attributes for RADIUS 47
Table 1-4: Default TACACS+ Authorization Levels 49
Table 1-5: Alternate TACACS+ Authorization Levels 49
Table 4-1: Actor vs. Partner LACP configuration 101
Table 5-1: Ports, Trunk Groups, and VLANs 106
Table 7-1: Well-Known Protocol Types 126
Table 7-2: Well-Known Application Ports 127
Table 7-3: Well-Known TCP flag values 127
Table 7-4: ACL Precedence Groups 128
Table 7-5: Default QoS Service Levels 136
Table 8-1: Subnet Routing Example: IP Address Assignments 148
Table 8-2: Subnet Routing Example: IP Interface Assignments 148
Table 8-3: Subnet Routing Example: Optional VLAN Ports 150
Table 13-1: VRRP Tracking Parameters 230

42C4911, January 2007 13

Alteon OS Application Guide

14 42C4911, January 2007

Preface

The Alteon OS Application Guide describes how to configure and use the Alteon OS software
on the 10Gb Ethernet Switch Module for IBM BladeCenter. For documentation on installing
the switch physically, see the Installation Guide for your GbE Switch Module (GbESM).

Who Should Use This Guide

This Application Guide is intended for network installers and system administrators engaged in
configuring and maintaining a network. The administrator should be familiar with Et hernet
concepts, IP addressing, Spanning Tree Protocol, and SNMP configuration parameters.

42C4911, January 2007 15

Alteon OS Application Guide

What You’ll Find in This Guide

This guide will help you plan, implement, and administer Alteon OS software. Where possible,
each section provides feature overviews, usage examples, and configuration instructions.

Part 1: Basic Switching

 Chapter 1, “Accessing the Switch,” describes how to access the GbE Switch Module to

configure, view information and run statistics on the switch. This chapter also discusses

different methods to manage the switch for remote administrators using specific IP

addresses, authentication, Secure Shell (SSH), and Secure Copy (SCP).

 Chapter 2, “Port-based Network Access Control ,” describes how to authenticate devices

attached to a LAN port that has point-to-point connection characteristics. It prevents

access to ports that fail authentication and authorization. This feature provides security to

ports of the GbESM that connect to blade servers.

 Chapter 3, “VLANs,” describes how to configure Virtual Local Area Networks (VLANs)

for creating separate network segments, including how to use VLAN tagging for devices

that use multiple VLANs. This chapter also describes Protocol-based VLANs, Private

VLANs, and Generic VLAN Registration Protocol (GVRP).

 Chapter 4, “Ports and Trunking,” describes how to group multiple physical ports together

to aggregate the bandwidth between large-scale network devices.

 Chapter 5, “Spanning Tree Group,” discusses how Spanning T rees configure the network

so that the switch uses the most efficient path when multiple paths exist.

 Chapter 6, “R apid Spanning Tree Protocol/Multiple Spanning Tree Protocol,” describes

Rapid Spanning Tree and Multiple Spanning Tree configurations.

 Chapter 7, “Quality of Service,” discusses Quality of Servi ce features, including IP filter-

ing using Access Control Lists, Differentiated Services, and IEEE 802.1p priority values.

Part 2: IP Routing

 Chapter 8, “Basic IP Routing,” describes how to configure the GbE Switch Module for IP

routing using IP subnets, and DHCP Relay.

 Chap ter 9, “Routing Information Protocol,” describes how the Alteon OS software imple-

ments standard RIP for exchanging TCP/IP route information with other routers.

 Chapter 10, “IGMP,” describes how the Alteon OS software implements IGMP Snooping

or IGMP Relay to handle multicast traffic efficiently.

 Preface 42C4911, January 2007

16

Alteon OS Application Guide

 Chapter 11, “Border Gateway Protocol,” describes BGP concepts and BGP features sup-

ported in Alteon OS.

 Chapter 12, “OSPF,” describes OSPF concepts, how OSPF is implemented in Alteon OS,

and examples of how to configure your switch for OSPF support.

Part 3: High Availability Fundamentals

 Chapter 13, “High A vailability,” describes how to use the Virtual Router Redundancy Pro-

tocol (VRRP) to ensure that network resources remain available if one GbE Switch Mod­ule is removed for service.

Part 4: Appendices

 Appendix A, “Troubleshooting,” discusses two tools for troubleshooting your switch—

monitoring ports and filtering session dumps.

 Appe ndi x B, “RADIUS Server Con figuration Notes,” discusses how to modify RADIUS

configuration files for the Nortel Networks BaySecure Access Control RADIUS server, to
provide authentication for users of the GbE Switch Module.

Preface

 1742C4911, January 2007

Alteon OS Application Guide

Typographic Conventions

The following table describes the typographic styles used in this book.

Table 1 Typographic Conventions

Typeface or
Symbol

AaBbCc123 This type is used for names of commands,

AaBbCc123 This bold type appears in command exam-

<AaBbCc123> This italicized type appears in command

[ ] Command items shown inside brackets are

Meaning Example

files, and directories used within the text.
It also depicts on-screen computer output and

prompts.

ples. It shows text that must be typed in
exactly as shown.

examples as a parameter placeholder. Replace
the indicated text with the appropriate real
name or value when using the command. Do
not type the brackets.

This also shows book titles, special terms, or
words to be emphasized.

optional and can be used or excluded as the
situation demands. Do not type the brackets.

View the readme.txt file.

Main#

Main# sys

To establish a Telnet session, enter:

host# telnet <IP address>

Read your User’ s Guide thoroughly.

host# ls [-a]

 Preface 42C4911, January 2007

18

Alteon OS Application Guide

How to Get Help

If you need help, service, or technical assistance, see the "Getting help and
technical assistance" appendix in the Nortel 10Gb Ethernet Switch Module for
IBM BladeCenter Installation Guide.

Preface

 1942C4911, January 2007

Alteon OS Application Guide

 Preface 42C4911, January 2007

20

Part 1: Basic Switching

This section discusses basic switching functions. This includes how to access and manage the
switch:

 Accessing the switch
 Po rt -Based Network Access Control
 VLANs
 Port Trunking
 Spanning Tree Protocol
 Rapid Spanning Tree and Protocol and Multiple Spanning Tree Protocol
 Quality of Service

42C4911, January 2007

Alteon OS Application Guide

22 42C4911, January 2007

CHAPTER 1

Accessing the Switch

The Alteon OS software provides means for accessing, configuring, and viewing information
and statistics about the GbE Switch Module. This chapter discusses different methods of
accessing the switch and ways to secure the switch for remote administrators:

 “Management module setup” on page 24
 “External mana gement port setup” on page 28
 “Using Telnet” on page 29
 “Using the Browser-Based Interface” on page 33
 “Using SNMP” on page 36
 “Securing Access to the Switch” on page 43

 “RADIUS Authentication and Authorization” on page 44
 “TACACS+ Authentication” on page 48
 “LDAP Authentication and Authorization” on page 53
 “Secure Shell and Secure Copy” on page 55

42C4911, January 2007 23

Alteon OS Application Guide

Management module setup

The BladeCenter GbE Switch Module is an integral subsystem within the overall BladeCenter
system. The BladeCenter chassis includes a management module as the central element for
overall chassis management and control.

You can use the management mod ule to configure and manage the GbE Switch Module. The
GbE Switch Module communicates with the management module(s) through its internal port
15 (MG T1) and port 16 (MGT2), which you can access through the 100 Mbps Ethernet port on
each management module. The factory default settings permit management and control access
to the switch module only through the management module, or the built-in serial port. Y ou can
use the external Ethernet ports (EXT1-EXT7) on the switch module for management and con­trol of the switch, by selecting this mode as an option through the management module config­uration utility program (see the applicable BladeCenter Installation and User’ s Guide
publications for more information).

NOTE – Support for each management module is provided by a separate management port
(MGT1 and MGT2). One port is active, and the other port is used as a backup.

Factory-Default vs. MM assigned IP Addresses

Each GbE Switch Module must be assigned its own Internet Protocol address, which is used
for communication with an SNMP network manager or other transmission control protocol /
Internet Protocol (TCP/IP) applications (for example, BootP or TFTP). The factory-default IP
address is 10.90.90.8x, where x corresponds to the number of the bay into which the GbE
Switch Module is installed. For additional information, see the Installation Guide. The man­agement module assigns an IP address of 192.168.70.1xx, where xx corresponds to the number
of the bay into which each GbE Switch Module is installed, as shown in the following table:

Table 1-1 GbESM IP addresses, based on switch-module bay numbers

Bay number Factory-default IP address IP address assigned by MM

Bay 7 10.90.90.80 192.168.70.133
Bay 8 10.90.90.82 192.168.70.134
Bay 9 10.90.90.81 192.168.70.135

Bay 10 10.90.90.83 192.168.70.136

 Chapter 1: Accessing the Switch 42C4911, January 2007

24

Alteon OS Application Guide

NOTE – Before you install the GbESM in Bay 8 or Bay 10, confirm that your blade
I/O Expansion adapter supports communication to these I/O bays.

Default Gateway

The default Gateway IP address determines where packets with a destination address outside
the current subnet should be sent. Usually, the default Gateway is a router or host acting as an
IP gateway to handle connections to other subnets of other TCP/IP networks. If you want to
access the GbE Switch Module from outside your local network, use the management module
to assign a default Gateway address to the GbE Switch Module. Choose I/O Module Tasks >
Configuration from the navigation pane on the left, and enter the default Gateway IP address
(for example, 192.168.70.125). Click Save.

Configuring management module for switch access

Complete the following initial configuration steps:

1. Connect the Ethernet port of the management module to a 10/100 Mbps network (with

access to a management station) or directly to a management station.

2. Access and log on to the management module, as described in the BladeCenter Manage-

ment Module User’s Guide. The management module provides the appropriate IP
addresses for network access (see the applicable BladeCenter Installation and User’s
Guide publications for more information).

3. Select Configuration on the I/O Module Tasks menu on the left side of the BladeCenter

Management Module window. See Figure 1-1.

Chapter 1: Accessing the Switch

 2542C4911, January 2007

Alteon OS Application Guide

Figure 1-1 Switch management on the BladeCenter management module

4. You can use the default IP addresses provided by the management module, or you can

assign a new IP address to the switch module through the management module. You can
assign this IP address through one of the following methods:

 Manually through the BladeCenter management module
 Autom a ticall y through the IBM Director Configuration Wizard (available in

Director release 5.20.1)

NOTE – If you change the IP address of the GbE Switch Module, make sure that the switch
module and the management module both reside on the same subnet.

5. Enable the following features in the management module:

 External Ports (I/O Module Tasks > Admin/Power/Restart > Advanced Setup)
 External management over all ports (Configuration > Advanced Configuration)

This setting is required if you want to access the management network through the
external data ports (EXT1 - EXT6) and the external management port (EXT7) on the
GbE Switch Module.

 Chapter 1: Accessing the Switch 42C4911, January 2007

26

Alteon OS Application Guide

The default value is Disabled for both features. If these features are not already enabled,
change the value to Enabled, then Save.

NOTE – In Advanced Configuration > Advanced Setup, enable “Preserve new IP configura-
tion on all switch resets,” to retain the switch’s IP interface when you restore factory defaults.
This setting preserves the management port’s IP address in the management module’s memory,
so you maintain connectivity to the management module after a reset.

You can now start a Telnet session, Browser-Based Interface (Web) session, a Secure Shell ses­sion, or a secure HTTPS session to the GbE Switch Module.

Chapter 1: Accessing the Switch

 2742C4911, January 2007

Alteon OS Application Guide

External management port setup

In addition to the internal management ports (MGT1 and MGT2), the 10Gb Ethernet
Switch Module (GbESM) also has an external management port (EXT7) to support
out-of-band management traffic. Port EXT7 allows you to perform data transfers without
taxing the data ports (EXT1-EXT6). Some commands (for example, so ft ware image transfers
such as /boot/gtimg) that initiate data transfers provide an option for choosing the port
over which to perform the transfer.

To use the external management port, you must configure the external management interface
and gateway, as shown in the following configuration example.

Configuring the external management interface

Complete the following steps to configure port EXT7 for external management:

1. Use Telnet to access the switch CLI, and configure the external management interface:

>> # /cfg/l3/if 249 (Select IP interface 249)
>> IP Interface 249# addr 100.20.10.3 (Assign IP address for the interface)
>> IP Interface 249# ena (Enable the interface)
>> IP Interface 249# ..
>> Layer 3# gw 253 (Select gateway 253)
>> Default gateway 253# addr 100.20.10.5 (Assign IP address for the gateway)
>> Default gateway 253# ena (Enable the gateway)

>> Default gateway 253# apply (Make the configuration active)
>> Default gateway 253# save (Save your changes)

Interface 249 and gateway 253 are used for switch management through port EXT7.

2. Enable port EXT7.

>> # /cfg/port ext7/ena (Enable port EXT7)
>> Port EXT7# apply (Make the configuration active)
>> Port EXT7# save (Save your changes)

By default, port EXT7 is a member of management VLAN 4094.
Once the external management network is configured, you can start a Telnet session,

Browser-Based Interface (Web) session, a Secure Shell session, or a secure HTTPS session to
the GbESM. To access the GbESM through the external management port, use the IP address
for IP interface 249.

 Chapter 1: Accessing the Switch 42C4911, January 2007

28

Alteon OS Application Guide

Using Telnet

Use the management module to access the GbE Switch Module through Telnet. Choose
I/O Module T asks > Configuration from the navigation pane on the left. Select a bay number
and click Advanced Configuration > Start Telnet/Web Session > Star t Telnet Session. A
Telnet window opens a connection to the Switch Module (requires Java 1.4 Plug-in).

Once you have configured the GbE Switch Module with an IP address and gateway, you can
access the switch from any workstation connected to the management network. Telnet access
provides the same options for user and administrator access as those available through the
management module, minus certain telnet and management commands.

To establish a Telnet connection with the switch, you can run the Telnet program on your
workstation and issue the Telnet command, followed by the switch IP address:

telnet <switch IP address> [-m|-mgt|-e|-ext7|-d|-data]

By default, the -m or -mgt option for management ports is used. To use the internal
management port, specify the -m or -mgt option. To use the external management port,
specify the -e or -ext7 option.

Connect to the Switch via SSH

The SSH (Secure Shell) protocol enables you to securely log into another computer over a net­work to execute commands remotely . As a secure alternative to using Telnet to manage switch
configuration, SSH ensures that all data sent over the network is encrypted and secure. For
more information, see “Secure Shell and Secure Copy” on page 55. For more information on
the CLI, see the Alteon OS Command Reference.

BOOTP Relay Agent

The GbE Switch Module can function as a Bootstrap Protocol relay agent, enabling the switch
to forward a client request for an IP address up to two BOOTP servers with IP addresses that
have been configured on the switch.

When a switch receives a BOOTP request from a BOOTP client requesting an IP address, the
switch acts as a proxy for the client. The request is then forwarded as a UDP Unicast MAC
layer message to two BOOTP servers whose IP addresses are configured on the switch. The
servers respond to the switch with a Unicast reply that contains the default gateway and IP
address for the client. The switch then forwards this reply back to the client.

Chapter 1: Accessing the Switch

 2942C4911, January 2007

Alteon OS Application Guide

Figure 1-2 shows a basic BOOTP network example.

Boston Raleigh

20.1.1.1

BladeCenter

BladeCenter

BladeCenter

10.1.1.2

BOOT Client
asks for IP from
BOOTP server

BladeCenter acts as
BOOTP Relay Agent

BOOTP Server

Figure 1-2 BOOTP Relay Agent Configuration

The use of two servers provide failover redundancy. The client request is forwarded to both
BOOTP servers configured on the switch. However, no health checking is supported.

Configuring the BOOTP Relay Agent

To enable the GbE Switch Module to be the BOOTP forwarder, you need to configure the
BOOTP server IP addresses on the switch, and enable BOOTP relay on the interface(s) on
which the BOOTP requests are received.

Generally, you should configure the command on the switch IP interface that is closest to the
client, so that the BOOTP server knows from which IP subnet the newly allocated IP address
should come.

Use the following commands to configure the switch as a BOOTP relay agent:

>> # /cfg/l3/bootp
>> Bootstrap Protocol Relay# addr <IP address>(IP address of BOOTP server)
>> Bootstrap Protocol Relay# addr2 <IP address>(IP address of 2nd BOOTP server)
>> Bootstrap Protocol Relay# on (Globally turn BOOTP relay on)
>> Bootstrap Protocol Relay# off (Globally turn BOOTP relay off)
>> Bootstrap Protocol Relay# cur (Display current configuration)

Use the following command to enable the Relay functionality on an IP interface:

>> # /cfg/l3/if <interface number>/relay ena

 Chapter 1: Accessing the Switch 42C4911, January 2007

30